Vulnerability Management Administrator Guide


Get Help

In addition to this guide, you can access InsightVM’s documentation.

You can also request assistance via ServiceNow.

Add/Remove Access For InsightVM Administrators

Access to InsightVM is managed via Grouper and Okta. To add, update, or remove an administrator for your Unit, a manager for the Unit should submit a request specifying:

Define Sites and Assets

You should become familiar with the terminology used in the InsightVM Security Console before learning to operate it. The two most common terms used are "Site" and "Asset." A brief definition of both terms is found below:

Site: A site is a collection of assets that are targeted for a scan. You must create a site in order to run a scan of your environment and find vulnerabilities. A site consists of:

Note: IT Security will facilitate the creation of sites, but you will have full autonomy over the site that is created for you.

Asset: An asset is a single device on a network that the application discovers during a scan. In order to perform a scan on a site, you must assign assets to it.

Administer Your Site

Log In

Visit the InsightVM Security Console from a University IP (on campus or using a campus VPN) with a modern browser. Authenticate with your CNetID via Okta.

Navigate to Your Site and its Configuration Page

  1. Select the Assets tab on the main menu of the homepage.
    (Screenshot: Assets)
  2. Select the number above the Sites summary at the top right of the page, and you'll be presented with the site(s) to which you have access.
    (Screenshot: Sites, Asset Groups, and Tagged Assets Summary)
  3. Select the Site you manage, then you'll be presented with the Site Dashboard.
    (Screenshot: Site Scan Summary)

Manage your Site Configuration

  1. Select the Assets tab. Any device, IP, or IP range you place in this field will be subject to scans. Define at minimum a single asset; using an FQDN is highly recommended. If you must use IP ranges, please consult IT Security first. Note: Assets will not appear as assets on the site until the first successful scan.
  2. Select the Authentication tab. There are default shared credentials for Windows and Linux. If these systems are not managed by the Windows or Unix groups, you'll need to have credentials created on the asset and enter them into the InsightVM console.
  3. Select the Templates tab. For most scans, the default of "00 ITS Default Scheduled Scan Template" will be enough. If you feel you need template customization, consult the Information Security team.
  4. Select the Schedule tab, then the Create Schedule subsection. Here you can choose the start time, scan template, frequency, and maximum duration of the scans for your site. The scans have minimal impact on performance, but most administrators choose to run these late in the evening.

Review Assets and Vulnerabilities

After your first successful scan, you can begin to assess your environment for high-risk assets, vulnerabilities, or policy violations. The IT Security team can introduce you to operating at the console and assist as you review and assess your first scan results.

You can view the assets that you have access to by selecting the Assets icon and viewing the Assets table on the Assets page. Your assets can be sorted in many ways: by total vulnerabilities, exploitable vulnerabilities, last scans, operating system, and more.

See the Assess section of the InsightVM help site for more extensive documentation on assessing vulnerabilities. Contact IT Security at security@uchicago.edu if you have any questions.